Wed Oct 11 22:22:40 UTC 202320231011222240_15.0

patches/packages/libcaca-0.99.beta20-x86_64-1_slack15.0.txz:  Upgraded.
  Fixed a crash bug (a crafted file defining width of zero leads to divide by
  zero and a crash). Seems to be merely a bug rather than a security issue, but
  I'd been meaning to get beta20 building so this was a good excuse.
  Thanks to marav.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-0856
  (* Security fix *)

1 files changed, 38 insertions, 0 deletions

diff --git a/patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch b/patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch
new file mode 100644
index 000000000..092af0643
--- /dev/null
+++ b/patches/source/libcaca/libcaca-0.99.beta20-CVE-2022-0856.patch
@@ -0,0 +1,38 @@
+From d33a9ca2b7e9f32483c1aee4c3944c56206d456b Mon Sep 17 00:00:00 2001
+From: Josef Moellers <jmoellers@suse.de>
+Date: Fri, 18 Mar 2022 11:52:22 +0100
+Subject: [PATCH] Prevent a divide-by-zero by checking for a zero width or
+ height.
+
+---
+ src/img2txt.c | 10 ++++++++--
+ 1 file changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/src/img2txt.c b/src/img2txt.c
+index b8a25899..b9d5ba24 100644
+--- a/src/img2txt.c
++++ b/src/img2txt.c
+@@ -177,7 +177,13 @@ int main(int argc, char **argv)
+     }
+ 
+     /* Assume a 6×10 font */
+-    if(!cols && !lines)
++    if(!i->w || !i->h)
++    {
++	fprintf(stderr, "%s: image size is 0\n", argv[0]);
++        lines = 0;
++	cols = 0;
++    }
++    else if(!cols && !lines)
+     {
+         cols = 60;
+         lines = cols * i->h * font_width / i->w / font_height;
+@@ -214,7 +220,7 @@ int main(int argc, char **argv)
+     export = caca_export_canvas_to_memory(cv, format?format:"ansi", &len);
+     if(!export)
+     {
+-        fprintf(stderr, "%s: Can't export to format '%s'\n", argv[0], format);
++        fprintf(stderr, "%s: Can't export to format '%s'\n", argv[0], format?format:"ansi");
+     }
+     else
+     {